GSSManager gssManager = GSSManager.getInstance();
try {
//using reflection to expose a private method
// using findLoadedClass method on classLoader to check if its native provider or not.
ClassLoader gssClassLoader = gssManager.getClass().getClassLoader();
Method m = ClassLoader.class.getDeclaredMethod("findLoadedClass", String.class);
m.setAccessible(true);
// prints null if not loaded, with graalvm native image, its always null.
System.out.println(m.invoke(gssClassLoader, "sun.security.jgss.wrapper.SunNativeProvider"));
System.out.println("native true? {}" + System.getProperty("sun.security.jgss.native")); // this returns true as I have set the property
}catch(Exception e) {
LOG.info("error in reflection {}", e.toString());
}
The same code works when running on JVM (including oracle graalvm without native image).
I have tried different flags like the below. But nothing worked:
graalvmNative {
binaries {
main {
buildArgs.add('--add-opens java.base/java.lang=ALL-UNNAMED') //for reflection
buildArgs.add('--enable-native-access')
buildArgs.add('-J-Dsun.security.jgss.native=true')
buildArgs.add('-Dsun.security.jgss.native=true')
buildArgs.add('-H:AdditionalSecurityProviders=sun.security.jgss.SunProvider') //based on https://github.com/oracle/graal/issues/5950#issuecomment-1746835465
}
}
}
Environment:
Podman container using Linux RHEL 8
Graalvm for JDK 22
As per https://docs.oracle.com/en/java/javase/11/security/accessing-native-gss-api.html#GUID-88A42A9C-AC8B-426E-A8A7-B30518C2162A, when
sun.security.jgss.native
flag is set totrue
,GSSManager.getInstance()
should ideally give a GSSManager implementation using native gss implementation. However, that is not happening.Below is a sample code.
The same code works when running on JVM (including oracle graalvm without native image).
I have tried different flags like the below. But nothing worked:
Environment: Podman container using Linux RHEL 8 Graalvm for JDK 22